Timestamp & Archive

Business Needs

Document archiving is an essential component in many business applications where documents need to be verifiable as authentic in the future. It’s a fundamental requirement that the archive process is trusted, so that it can be proven that the documents have not changed since entering the archive.

All organisations depend upon having archived documents that provide legal weight evidence that agreements were signed, transactions were completed, reports and financial documents are unchanged. Thus archived documents need to be relied upon for many years even after digital certificates have expired and perhaps even after the original cryptographic algorithms used in the signing process have become weak.

Use case mapping

Ascertia is an expert provider of digital signature, timestamping and long-term archiving products that can be used for secure archiving and e-notarisation purposes either within an enterprise or by Managed Service Providers on behalf of multiple end-customers.

Archiving solutions can be split into various types:

  • Notarisation
    Using signature and timestamp services to notary-sign a document or a data object or, to maintain privacy the service can notarise just the signature without seeing the whole document content
  • Verification & archiving
    First verify existing signatures within a document, gather the verification evidence (e.g. certificate chains and OCSP/CRL responses) and then using signature and timestamp services to notary-sign an envelope containing the original signed object plus verification data
  • Long-term archiving including re-evidencing
    Once a secure archive is created it can remain secure only until the trusted timestamps do not expire and/or underlying cryptographic algorithms do not weaken. To avoid these scenarios the archived objects need to be re-evidenced based on evidence refresh policies.

Ascertia's ADSS Server is the underlying technology which fulfils the above business requirements. ADSS Server is based on industry accepted protocols for communicating with an e-Trust server, including OASIS Digital Signature Specifications (DSS and DSS-X) for server-side signing and verification, IETF TSP for communicating with a Time Stamping Authority and IETF Long-Term Archive & Notary Service (LTANS) for secure data archiving. In particular for long-term archiving, ADSS Server complies with the XML/SOAP web services Long-Term Archive Protocol (LTAP) and stores evidence information about archived objects in the form of XML Evidence Record Syntax (XMLERS).

The following table shows the products that are appropriate to meet various business needs:

Use Case Ascertia Product(s)

Basic Signing & Timestamping of Data

Proves data existed at a particular time and not changed subsequently. As part of the timestamping process, the data can also be notary signed by the archive authority using ETSI PAdES-A, CAdES-A and XAdES-A archive signatures.

ADSS Signing Server

For creating timestamped and long-term signatures

ADSS TSA Server

For issuing RFC3161 compliant timestamps

Human Notary Signature

Human users can view and sign archive objects, using locally or central held signing keys. User's notary signature can be enhanced to long-term CAdES-A or XAdES-A signature on the server

ADSS Signing Server

For enhancing basic signatures to timestamped or long-term signatures

ADSS Go>Sign Service

For creating local signatures by human users

Long-term Evidence Archiving

Documents of any type are securely archived for long-term using IETF LTANS specifications. Also notary sign and verify existing signatures before archiving, and manage the retention and re-evidencing based on archive policies.

ADSS LTANS Evidence Server

For creating long-term LTANS Evidence Records

Local language support

For web applications, ADSS Server expects the browser pages to be created by application developers using local language that is suitable for the business purpose and the end-users. ADSS Go>Sign Service Document Viewer is fully multi-lingual.

Request Info

Submit

Sales Inquiries:
+44 (0)800 772 0 442

15

+
Years of Digital Signature
Innovation